[Samba] which DNS backend ?

Reindl Harald h.reindl at thelounge.net
Sun Feb 28 23:05:00 UTC 2016 


Am 28.02.2016 um 23:54 schrieb Rowland penny:
> On 28/02/16 22:42, Reindl Harald wrote:
>>
>>
>> Am 28.02.2016 um 23:10 schrieb Rowland penny:
>>> On 28/02/16 21:56, Reindl Harald wrote:
>>>>
>>>>
>>>> Am 28.02.2016 um 22:22 schrieb John Gardeniers:
>>>>> Thanks Rowland. Perhaps because I expected these basic issues to have
>>>>> been resolved long ago I never thought to check the SOA records.
>>>>> You are
>>>>> perfectly correct - the second DC is not listed
>>>>
>>>> since when is more than one NS listed in the SOA?
>>>>
>>>> http://rscott.org/dns/soa.html
>>>>
>>>> MNAME ("Primary NS") - This entry is the domain name of the name
>>>> server that was the original source of the data (this entry MUST be
>>>> your primary nameserver). This is your primary nameserver, and MUST be
>>>> the one and only server that you ever update. You must not update the
>>>> secondary server(s) -- they will update automatically, based on this
>>>> the SOA record. Problem? This should be a fully qualified domain name .
>>>>
>>> OK, I see where you are coming from, but, this is referring to a normal
>>> dns server that replicates to other secondary dns servers. AD dns works
>>> a little differently, all AD dns servers replicate dns records to each
>>> other and each AD DC is supposed to be authoritative for the dns domain,
>>> this does not happen if your first DC goes down when you are using the
>>> internal dns server. As an aside, my first DC shutdown for some reason,
>>> I didn't notice for a couple of hours, until I tried to 'ssh' into it, I
>>> didn't notice because *everything* else just kept working on my
>>> second DC
>>
>> well, that's not the business of the SOA record
>> it's a matter of NS-records
>>
>
> If you only have one Authoritative nameserver (which is what you have
> with the internal dns) and it disappears, then you don't have *anything*
> that will respond to a request for info about AD dns domain

sorry, but that's not a matter of SOA

all your NS-records are authoritative, no matter if the yare master or

slave, the format of the SOA record is pretty clear

https://support.dnsimple.com/articles/soa-record/
ns1.dnsimple.com admin.dnsimple.com 2013022001 86400 7200 604800 300

nothing will change the SOA format because it's defined far away from 
samba and the implementation https://www.ietf.org/rfc/rfc1912.txt

otherwise show me how you imageine a SOA record listing more than one 
nameserver would look like when the second filed is by defintion the 
admin contact

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20160229/bc7eb104/signature.sig>

More information about the samba mailing list